<?php
class obAuthComponent extends Object
{
    /* Component config variables */
    var $user_model = "User";
    var $group_model = "Group";
    var $account_model = "Account";
    var $plan_model = "Plan";
    var $user_fields = array('id' => 'id', 'email' => 'email', 'password' => 'password', 'group_id' => 'group_id');
    var $group_fields = array('id' => 'id', 'name' => 'name');
    var $account_fields = array('id' => 'id', 'plan_id' => 'plan_id');
    var $plan_fields = array('name' => 'name');
    var $components = array('Session');
    var $login_page = '/admin/index'; // login action
    var $logout_page = null; // Page to redirect to when user logs out
    var $deny_page = '/admin/deny'; // Page to redirect if you deny access but don't want take user to login page
    var $sesskey = "mYpERsOnALhaSHkeY";

    /* Don't modify these variables */
    var $last_page = null;
    var $user = null;
    var $controller;



    public function startup(&$controller)
    {
        $this->controller = $controller;
        if ($this->Session->valid() &&  $this->Session->check($this->sesskey))
        {
            $this->user = $this->Session->read($this->sesskey);
        }
        $this->controller->set('obAuth', $this->user);
    }

    // Method to check if user is logged.
    public function login($data)
    {

        $email = $data[$this->user_fields['email']];
        $password = $data[$this->user_fields['password']];
        $conditions = array($this->user_model.".".$this->user_fields['email'] => $email, $this->user_model.".".$this->user_fields['password'] => sha1($password), $this->user_model.".active" => 1);
        $user = $this->controller->{$this->user_model}->_find($conditions);

        if (empty($user)) {
            return false;
        } else {
            $sessdata["{$this->user_model}"]['id'] = $user[0]["{$this->user_model}"]["{$this->user_fields['id']}"];
            $sessdata["{$this->user_model}"]['email'] = $user[0]["{$this->user_model}"]["{$this->user_fields['email']}"];
            $sessdata["{$this->user_model}"]['password'] = $user[0]["{$this->user_model}"]["{$this->user_fields['password']}"];

            $sessdata["{$this->group_model}"]['id'] = $user[0]["{$this->group_model}"]["{$this->group_fields['id']}"];
            $sessdata["{$this->group_model}"]['name'] = $user[0]["{$this->group_model}"]["{$this->group_fields['name']}"];

            $sessdata["{$this->account_model}"]['plan_id'] = $user[0]["{$this->account_model}"]["{$this->account_fields['plan_id']}"];

            $sessdata["{$this->plan_model}"]['name'] = $user[0]["{$this->plan_model}"]["{$this->plan_fields['name']}"];

            $sessdata["{$this->user_model}"]['login_hash'] = md5($this->sesskey . $sessdata["{$this->user_model}"]['email'] . $sessdata["{$this->user_model}"]['password'] . $sessdata["{$this->group_model}"]['id']);
            $this->Session->write($this->sesskey, $sessdata);

            return true;
        }
    }

    // Logout user and destroy cookie
    public function logout($redirect=null)
    {
        $this->user = null;
        $this->Session->delete($this->sesskey);
        $page = (!empty($redirect)) ? $redirect : $this->login_page;
        $this->controller->redirect($page);
    }

    // Check is user is part of usergroup specified
    public function lock($groups=null, $redirect=null)
    {
        $hasAccess = false;

        // User page tracker
        if ($this->controller->action != "login")
        {
            $this->last_page = $this->controller->here;
        }

        if (!empty($this->user))
        {
            if (!empty($groups))
            {
                foreach ($groups as $group)
                {
                    if ($this->user["{$this->group_model}"]['id'] == $group || $this->user["{$this->group_model}"]['name'] == $group) {
                        $hasAccess = true;
                    }
                }
            }
            else
            {
                $hasAccess = true;
            }
        }

        if(!$hasAccess)
        {
            $page = (!empty($redirect)) ? $redirect : $this->deny_page;
            $this->controller->redirect($page);
        }

    }

    public function deny($redirect=null)
    {
        $page = (!empty($redirect)) ? $redirect : $this->deny_page;
        $this->controller->redirect($page);
    }

    public function getUserId()
    {
        return (!empty($this->user)) ? $this->user["{$this->user_model}"]['id'] : false;
    }

    public function getGroupId()
    {
        return (!empty($this->user)) ? $this->user["{$this->group_model}"]['id'] : false;
    }

    public function getPlanId()
    {
        return (!empty($this->user)) ? $this->user["{$this->account_model}"]['plan_id'] : false;
    }

    public function getPlanName()
    {
        return (!empty($this->user)) ? $this->user["{$this->plan_model}"]['name'] : false;
    }
}
?>